415cd4cbcb95e4957735742917df5adc0055bd488b64e56f3aba162af644de95

Sharing

Copy URL Twitter E-mail

General

Target

415cd4cbcb95e4957735742917df5adc0055bd488b64e56f3aba162af644de95
Size

294KB
MD5

7bf0a79b5794ccdecec894c4e02c7c20
SHA1

363797493382f0c3452302ee9d47ad0ae8fc55d4
SHA256

415cd4cbcb95e4957735742917df5adc0055bd488b64e56f3aba162af644de95
SHA512

d80885707cb30e245407b194b3e1f49d93d378bd29fad6e1f6371ca4dee7877c0245ceb9cd9dfcd0329a7f6ceb04ea3444cc1683f809d54959aac26e8ace2028
SSDEEP

6144:Mb4fAS2iM2j0S/jWAZpnGUOJrB6V97XwRkwkUT5By7nts9scKfX:HAS23JqnGUY1U7U9BGsuv

Score

N/A

Malware Config

Signatures

Files

415cd4cbcb95e4957735742917df5adc0055bd488b64e56f3aba162af644de95
.exe windows x86

959268be9a9454e362912ab3f50f1d7b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

EndDoc
Polyline
StartDocW

lz32

LZRead
GetExpandedNameA
LZInit

version

VerLanguageNameW

shell32

SHAddToRecentDocs
SHGetFileInfoA

user32

ShowWindow
ValidateRect
DlgDirListComboBoxW
CloseWindow
MsgWaitForMultipleObjects
UpdateWindow

imm32

ImmGetConversionListA
ImmGetCandidateListCountA
ImmGetDescriptionW
ImmUnregisterWordW
ImmEscapeA
ImmIsIME
ImmSetCompositionFontW
ImmGetIMEFileNameW
ImmGetStatusWindowPos

kernel32

GetPrivateProfileStringW
HeapAlloc
GetExitCodeProcess
Beep
GetNumberFormatA
GetHandleInformation
GetPrivateProfileSectionW
GetConsoleTitleW
GetLocaleInfoA
FatalExit
GetEnvironmentVariableW
DosDateTimeToFileTime
GetPrivateProfileSectionA
GetTempFileNameW
GetConsoleScreenBufferInfo
GetModuleHandleW
FindResourceA
FlushFileBuffers
CopyFileW
GetThreadPriorityBoost
CreateDirectoryExW
GetFileSize
DisableThreadLibraryCalls
CreateDirectoryExA
GetTapeStatus
GetProcessVersion
EraseTape
GetQueuedCompletionStatus
AddAtomA
GetSystemInfo
BeginUpdateResourceA
BuildCommDCBAndTimeoutsA
GetThreadTimes
EnumSystemCodePagesA
GetLocalTime
CallNamedPipeA
GetModuleHandleA
GetStartupInfoA

advapi32

LsaSetInformationPolicy
RegUnLoadKeyW
RegSaveKeyW
LsaRetrievePrivateData
LsaEnumerateAccountsWithUserRight
GetNamedSecurityInfoA
BuildTrusteeWithNameW
LsaNtStatusToWinError
DecryptFileA
GetLengthSid
AreAllAccessesGranted
OpenEventLogA
IsTokenRestricted
RegisterEventSourceW
LookupAccountNameA
OpenSCManagerA
CreateProcessAsUserW
ObjectDeleteAuditAlarmW
BuildSecurityDescriptorA
SetSecurityInfo
PrivilegedServiceAuditAlarmA
GetServiceDisplayNameW
CreateProcessAsUserA
GetSidIdentifierAuthority
MakeSelfRelativeSD
ObjectCloseAuditAlarmA
RegOpenKeyW
QueryServiceLockStatusA
AddAccessDeniedAce
LookupPrivilegeDisplayNameA
GetAuditedPermissionsFromAclW
GetTrusteeFormA
GetMultipleTrusteeA
OpenSCManagerW
CreateRestrictedToken
EqualSid
LsaQueryDomainInformationPolicy
ObjectPrivilegeAuditAlarmW
DuplicateTokenEx
GetSecurityDescriptorLength
RegDeleteKeyA
AccessCheckAndAuditAlarmW
IsValidSecurityDescriptor
RegDeleteKeyW
RegDeleteValueW
BackupEventLogW
SetServiceStatus
LookupSecurityDescriptorPartsW
RegisterEventSourceA
GetSecurityDescriptorOwner
AdjustTokenGroups
GetUserNameW
LsaEnumerateTrustedDomainsEx
ReadEventLogA

resutils

ResUtilDupParameterBlock
ResUtilGetProperty

msvcrt

_controlfp
_except_handler3
__dllonexit
__p__fmode
_adjust_fdiv
__setusermatherr
_onexit
__set_app_type
__p__commode
_initterm
__getmainargs
_acmdln
_exit
_XcptFilter
exit

ole32

HMENU_UserMarshal
WriteFmtUserTypeStg
HMENU_UserUnmarshal
CoMarshalHresult
OleCreateFromFileEx

urlmon

HlinkNavigateMoniker
WriteHitLogging
FindMediaType
CoInternetGetProtocolFlags
HlinkSimpleNavigateToMoniker

oleaut32

SafeArrayGetIID
VarBstrFromUI4

Sections

.text
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 308KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

959268be9a9454e362912ab3f50f1d7b

Headers

File Characteristics

Imports

gdi32

lz32

version

shell32

user32

imm32

kernel32

advapi32

resutils

msvcrt

ole32

urlmon

oleaut32

Sections

.text Size: 40KB - Virtual size: 37KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 4KB - Virtual size: 308KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 40KB - Virtual size: 37KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 4KB - Virtual size: 308KB

.rsrc
Size: 4KB - Virtual size: 1KB